[CTPhil]

My website's home page was recently hacked, hidden links were added to the code. I was alerted to this by someone using the same web host, who was also a victim. As a result of this, I've lost my #1 Google ranking for my home page, presumably a penalty for hidden text. A Google search turns up others complaining of this host being hacked, but for all I know, all hosts might get a certain number of this type of complaint.

I contacted my host and got a canned response blaming my software for being vulnerable. The only thing I can figure they are talking about is my phpBB forum, which was not hacked.

I have no idea if this is reasonable or if I'm getting stonewalled. What can I do? I have replaced the hacked page and so far it's OK.

I do have another account with a different host I can switch to. I'm over my head here, any advice would be greatly appreciated.

[Anthony:-P]

CTPhil,

Out of interest which host was it?

If your host doesn't really seem interested, then their customer service is shocking.

Anyway, the only thing that can be suggested is to ensure you have a VERY secure password on your control panel / administration area. Ideally a password that...

• ...contains letters a-z
• ...contains both uppercase & lowercase characters
• ...contains digits
• ...contains symbols

This will help in ensuring your password isn't guessable.

The second, is to ensure that there are no secondary accounts etc, that you may have created before and given to someone who no longer needs them - and if you didn't give them one, if it was truly "hacked" the may have added their own.

Also, if your host provides any access records for your account, take a look at them, and see if their login was recorded.

Not much more i can offer,

Regards,
A....

[CTPhil]

The hosting company is IX Webhosting.

I checked the Login record, nobody but me, and I've never shared the information. My password isn't the best, but I wouldn't say it's guessable.

An interesting coincidence is that IX moved their servers to another state about a month ago. Just about enough time for the hack to occur, Google to notice hidden text and assess a penalty, and the penalty to show up in the serps.

If a number of people had their sites hacked, wouldn't it seem that it was a direct hack rather than through individual accounts?

[Anthony:-P]

It is rather interesting, and like you say it does rule out the event of it being individual acts and not just a coincidence.

I can't think of much else...

Regs,
A...

[CTPhil]

Thanks anyways.

The more I Google and compare notes with the webmaster who tipped me off, the more I think I need to change hosts.

[tex0gen]

Seems like your host is a bit shi*. To put it plain. Change host and as anthony:P said, Change yur password to something like Example:
*this_is_m4_pa55w0rd-" that way it takes longer for a fruteforcer to get in and obviously imposible to guess. Hope all goes well in the end mate. Good luck.

[awatson]

If you were on a shared hosting system, it's also possible a breach on another site gave them access to your site. If your host is sloppy or just incompetent, it could be the access came from a source other than your own site. It could even be that their support techs aren't well trained in preventing social engineering and someone called in and got access through their support system!

[CTPhil]

I do think now that the web host isn't very good. They basically denied any responsibility with a couple of canned responses. Apparently a bunch of sites got hacked at the same time, and it isn't the first time.

I'm going to switch. I have an account with 1&1, and I've been happy with them.

[DotHQ]

It's a pain to switch but it sure sounds like that's what you need to do.
Multiple accounts hacked within the same time frame means someone got root access and did the damage to multiple sites. Sounds like your ISP would rather deny it and blame you rather than stepping up to the plate. Switch as soon as possible so it doesn't happen again.
Then share how you managed to get a number one google ranking!!!! That is awesome!!!!